Auto-Update: 2024-09-03T02:00:17.355931+00:00

This commit is contained in:
cad-safe-bot 2024-09-03 02:03:15 +00:00
parent 1b0a0ab819
commit 40f3725ff1
3 changed files with 150 additions and 9 deletions

View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-8380",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-09-03T01:15:13.690",
"lastModified": "2024-09-03T01:15:13.690",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been rated as critical. This issue affects some unknown processing of the file /endpoint/delete-account.php of the component Delete Contact Handler. The manipulation of the argument contact leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/jadu101/CVE/blob/main/SourceCodester_Contact_Manager_delete_contact_sqli.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.276353",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.276353",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.401249",
"source": "cna@vuldb.com"
},
{
"url": "https://www.sourcecodester.com/",
"source": "cna@vuldb.com"
}
]
}

View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-09-02T22:00:16.768861+00:00
2024-09-03T02:00:17.355931+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-09-02T21:15:11.363000+00:00
2024-09-03T01:15:13.690000+00:00
```
### Last Data Feed Release
@ -27,21 +27,20 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2024-09-02T10:03:48.875137+00:00
2024-09-03T00:00:08.681685+00:00
```
### Total Number of included CVEs
```plain
261721
261722
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `1`
- [CVE-2024-1621](CVE-2024/CVE-2024-16xx/CVE-2024-1621.json) (`2024-09-02T20:15:03.223`)
- [CVE-2024-45623](CVE-2024/CVE-2024-456xx/CVE-2024-45623.json) (`2024-09-02T21:15:11.363`)
- [CVE-2024-8380](CVE-2024/CVE-2024-83xx/CVE-2024-8380.json) (`2024-09-03T01:15:13.690`)
### CVEs modified in the last Commit

View File

@ -242571,7 +242571,7 @@ CVE-2024-1606,0,0,15a17e447d99df7418714d7ef94e3798f3d5d0e7ef6ca0dc3b7b341bddda71
CVE-2024-1608,0,0,44224eee05265f6f7b8c8729d57dee56f28fe5925bde16e1c91e799aa3c2bf41,2024-07-03T01:45:25.227000
CVE-2024-1618,0,0,3886085aa0e530a3cd7ca87e86ea29f5f9d41baf4dd8dca3226a1b22f221980f,2024-03-12T16:02:33.900000
CVE-2024-1619,0,0,01b7d19909a94551e828e77c9f333931b13ef7600c345044af8f16766ef9e448,2024-02-29T13:49:29.390000
CVE-2024-1621,1,1,48acdfc90301fbba8816e2d17ff397869166f6d4caaec24b394146d8b94d2ec2,2024-09-02T20:15:03.223000
CVE-2024-1621,0,0,48acdfc90301fbba8816e2d17ff397869166f6d4caaec24b394146d8b94d2ec2,2024-09-02T20:15:03.223000
CVE-2024-1622,0,0,90a7ac12e644da856fef8a87eb083c29b5cbc6ef54024c4fa075b222ca54bc89,2024-03-23T03:15:10.947000
CVE-2024-1623,0,0,3ba11c4b97908f2b99dcf57078312ab0e09d7a907a83f42f8c58a9ed7ccc2585,2024-03-14T14:21:20.217000
CVE-2024-1624,0,0,be6a9a69a944e9dd61590c16d7893d842fe68943f296187e7945d7ce86481789,2024-03-01T22:22:25.913000
@ -258961,7 +258961,7 @@ CVE-2024-4561,0,0,8ef61ebc386f7e587b6eb6df8054d64514729591e443c5ac6735c0df58420e
CVE-2024-4562,0,0,e0a783b0d1c16da234e0fe3d351cbae7a089d075739ba22ec0641c397b879b0f,2024-05-15T16:40:19.330000
CVE-2024-45621,0,0,0b120d0ed61ccec663a0d1e80b0f5c072f370ac2ff33012ab2b7a02d0113b491,2024-09-02T19:15:13.073000
CVE-2024-45622,0,0,a9b592efeff8e6f8d35d152c5fc6c7a2397aad7d98377f2200f908ad9781c741,2024-09-02T19:15:13.170000
CVE-2024-45623,1,1,71aca376538fc4e76dc7cb6ce92391607a5646b6791e9c241f31e87a86f79181,2024-09-02T21:15:11.363000
CVE-2024-45623,0,0,71aca376538fc4e76dc7cb6ce92391607a5646b6791e9c241f31e87a86f79181,2024-09-02T21:15:11.363000
CVE-2024-4563,0,0,a90af34c00297497a78ff72a2c306ea2262a49c5811c3b8bcaed5ddcefc9b6fb,2024-05-23T16:15:08.867000
CVE-2024-4564,0,0,045273651cbda7642192b25b1ce14ee6220cb16969b1d2c569252c03c480a950,2024-06-13T18:36:09.013000
CVE-2024-4565,0,0,15260fda70e8733111d52b1dae1a14ee33f22d1739a2e8de851c031d5bec2fb8,2024-07-17T14:14:08.750000
@ -261720,3 +261720,4 @@ CVE-2024-8366,0,0,aa72fcd41b228be7b06f6c9a81ecf2f8f9fd5e20be0db7cf0df490a8a5890f
CVE-2024-8367,0,0,8148f938d91de1e8fd6536b835fce7d047e450cd706d113fc44497b29c91e0fa,2024-09-01T04:15:14.107000
CVE-2024-8368,0,0,b6512ddcc37b6e90aa53a67b75199705c7ccbc726e2c91253f9dcb246f9ed10e,2024-09-01T05:15:12.187000
CVE-2024-8370,0,0,fc6619055deaa0369ad7ec9ea228a5984b89e76836c9bae412619b763ebbc1d6,2024-09-01T22:15:14.117000
CVE-2024-8380,1,1,59536f41ae8eb3ab90b4321adcf0c677bff349890fe9496a5f0af1786eb08033,2024-09-03T01:15:13.690000

Can't render this file because it is too large.